Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
File:                     TStBlpVqQxU0D4J9mSoPeikoTD4.mft (raw, json)
Hash identifier:          o9NA+3IxeOz5zBqptD1EWWqqPCFHHPLOGtjqrxyCWEY=
Subject key identifier:   25:D6:AD:3C:84:0F:A8:A3:D3:4F:9C:74:94:4D:D2:B5:14:02:DB:7A
Authority key identifier: 4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E
Certificate issuer:       /CN=4d2b4196956a4315340f827d992a0f7a29284c3e
Certificate serial:       0196CA6017ADC512A55EE0798FB24DDABDE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
Manifest number:          11CA
Signing time:             Tue 13 May 2025 16:00:17 +0000
Manifest this update:     Tue 13 May 2025 16:00:17 +0000
Manifest next update:     Wed 14 May 2025 16:00:17 +0000
Files and hashes:         1: TStBlpVqQxU0D4J9mSoPeikoTD4.crl (hash: kL0LSMOTK2gFttYsrw5Op91sYzfVpNFMcnqO/WkBNEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:60:17:ad:c5:12:a5:5e:e0:79:8f:b2:4d:da:bd:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d2b4196956a4315340f827d992a0f7a29284c3e
        Validity
            Not Before: May 13 16:00:17 2025 GMT
            Not After : May 14 16:00:17 2025 GMT
        Subject: CN=25d6ad3c840fa8a3d34f9c74944dd2b51402db7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2c:e5:00:86:e6:c1:0b:67:8a:c3:3d:af:cf:
                    c6:a6:a2:2b:23:a4:75:5e:9f:b9:c4:93:ba:38:2c:
                    d1:e4:c8:fe:e9:2e:60:84:ea:e2:7f:95:bd:8b:49:
                    ae:7a:54:bf:14:5a:14:59:35:be:3a:7b:69:82:eb:
                    87:e9:fd:24:24:4f:1f:74:60:c2:0b:25:36:d9:ac:
                    49:47:7b:80:1c:1d:94:f7:3f:ca:e7:5a:9c:06:a7:
                    2b:ca:b8:43:39:96:88:e6:aa:9e:41:14:98:cf:64:
                    53:77:93:29:d8:9c:28:4c:d5:20:c3:f8:4c:1e:a6:
                    1b:92:4a:86:5b:6f:51:e2:4f:68:26:d6:d4:0f:a8:
                    a3:fb:25:fb:99:12:d3:0c:07:72:96:c8:7d:e6:bc:
                    19:6d:e4:3a:3f:9a:66:66:68:e7:3e:d5:c0:84:ed:
                    e1:2b:7c:0e:54:9f:c6:88:c9:3a:90:49:ec:f4:6a:
                    29:4d:f2:92:c5:c1:47:5b:97:4d:ab:b1:bd:da:d3:
                    65:84:08:f3:a9:10:8c:55:07:18:c3:71:7b:48:85:
                    75:2e:31:d9:d8:5a:e0:d7:c7:4c:47:8a:ef:a0:5a:
                    25:02:37:8a:13:31:b1:12:b2:22:8a:1d:45:4c:a2:
                    89:f1:6c:fd:6d:ee:de:b8:87:4c:1c:cd:06:40:b0:
                    da:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:D6:AD:3C:84:0F:A8:A3:D3:4F:9C:74:94:4D:D2:B5:14:02:DB:7A
            X509v3 Authority Key Identifier:
                keyid:4D:2B:41:96:95:6A:43:15:34:0F:82:7D:99:2A:0F:7A:29:28:4C:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TStBlpVqQxU0D4J9mSoPeikoTD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3c02b9-25c4-488f-a975-455a0a61f1ea/1/TStBlpVqQxU0D4J9mSoPeikoTD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:2b:db:a5:30:29:77:23:e5:34:f9:29:8e:8e:94:11:9e:8c:
         79:11:a4:a6:bb:99:0f:a1:19:14:37:4b:71:e0:bf:ab:0a:37:
         01:e6:ed:7f:66:e2:c3:cd:e1:8c:1a:e3:8c:e3:b6:5e:2f:84:
         aa:29:51:fe:3a:bc:25:44:ea:f4:a4:b6:0e:80:9d:52:7e:fa:
         7d:92:c5:55:53:2b:0e:d7:24:99:69:6b:ac:65:fc:4d:8e:9c:
         be:f9:84:f7:08:e4:b7:6c:8e:b1:2a:b0:70:80:f1:3e:83:c8:
         cb:da:f7:66:bf:69:e1:ee:df:67:a8:b0:20:25:47:65:21:78:
         89:3e:0c:78:5f:55:6a:fb:19:4a:04:4e:1a:e8:ac:72:94:e1:
         14:68:ad:b7:33:66:a7:b7:c4:22:61:06:2d:12:0e:7a:0d:b8:
         77:32:3d:d3:07:22:6f:7a:25:ae:5d:a6:50:e7:02:45:c2:88:
         74:25:7c:95:9e:c7:5c:c6:1c:5c:46:91:53:1b:37:ad:9f:f8:
         fe:28:26:37:55:4b:8c:f7:f9:e7:ba:53:cc:ad:9f:6d:b7:70:
         20:74:a8:ca:74:73:03:97:1c:49:4e:fc:75:9e:20:4b:bf:1f:
         b4:85:a0:bb:91:3c:39:a6:61:42:1d:c9:c3:53:21:ff:f1:a4:
         a4:60:e3:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYBetxRKlXuB5j7JN2r3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmI0MTk2OTU2YTQzMTUzNDBmODI3ZDk5MmEwZjdhMjky
ODRjM2UwHhcNMjUwNTEzMTYwMDE3WhcNMjUwNTE0MTYwMDE3WjAzMTEwLwYDVQQD
EygyNWQ2YWQzYzg0MGZhOGEzZDM0ZjljNzQ5NDRkZDJiNTE0MDJkYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyzlAIbmwQtnisM9r8/GpqIrI6R1
Xp+5xJO6OCzR5Mj+6S5ghOrif5W9i0muelS/FFoUWTW+OntpguuH6f0kJE8fdGDC
CyU22axJR3uAHB2U9z/K51qcBqcryrhDOZaI5qqeQRSYz2RTd5Mp2JwoTNUgw/hM
HqYbkkqGW29R4k9oJtbUD6ij+yX7mRLTDAdylsh95rwZbeQ6P5pmZmjnPtXAhO3h
K3wOVJ/GiMk6kEns9GopTfKSxcFHW5dNq7G92tNlhAjzqRCMVQcYw3F7SIV1LjHZ
2Frg18dMR4rvoFolAjeKEzGxErIiih1FTKKJ8Wz9be7euIdMHM0GQLDapQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXWrTyED6ij00+cdJRN0rUUAtt6MB8GA1UdIwQY
MBaAFE0rQZaVakMVNA+CfZkqD3opKEw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUt
NDU1YTBhNjFmMWVhLzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYzAyYjktMjVjNC00ODhmLWE5NzUtNDU1YTBhNjFmMWVh
LzEvVFN0QmxwVnFReFUwRDRKOW1Tb1BlaWtvVEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOivbpTAp
dyPlNPkpjo6UEZ6MeRGkpruZD6EZFDdLceC/qwo3Aebtf2biw83hjBrjjOO2Xi+E
qilR/jq8JUTq9KS2DoCdUn76fZLFVVMrDtckmWlrrGX8TY6cvvmE9wjkt2yOsSqw
cIDxPoPIy9r3Zr9p4e7fZ6iwICVHZSF4iT4MeF9VavsZSgROGuiscpThFGittzNm
p7fEImEGLRIOeg24dzI90wcib3olrl2mUOcCRcKIdCV8lZ7HXMYcXEaRUxs3rZ/4
/igmN1VLjPf557pTzK2fbbdwIHSoynRzA5ccSU78dZ4gS78ftIWgu5E8OaZhQh3J
w1Mh//GkpGDjfQ==
-----END CERTIFICATE-----